UID for running user is not 0-checkpoint-all
Vendor: checkpoint
OS: all
Description:
It is critical to make sure running user’s UID is 0 so they have root access. Without root access, interrogation and some commands might fail to execute correctly.
Remediation Steps:
Remove user configured for this device and re-add this device with an user with UID 0. To find out UID value for a particular user, run ‘id [username]’ on the terminal of the device.
How does this work?
Run “id” command to find the UID value of the user.
Why is this important?
A lot of Check Point commands require the user to have root access (UID 0) in order to be executed successfully. During interrogation, a script might fail to recognize the device, because interrogation was not run with a user with root access. This might cause a device to be tagged incorrectly.
Without Indeni how would you find this?
An administrator could login and manually run the “id” command to find the UID of the current user
chkp-id
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/checkpoint/multi-os/chkp-id/chkp-id.ind.yaml
CheckPointUidNotZeroRule
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/CheckPointUidNotZeroRule.scala